Key Concepts

The growth of health information technology brings into play many new concepts. Here, we sort out some of the key points, supporting concepts and give reporters an easy way to explain such things to their readers, viewers and listeners.


Application Programming Interface (API)

Augmented reality

Automatic speech recognition (ASR)

Brain-computer interface

Clinical decision support (CDS) system

Cloud platform

Cognitive computing

Comprehensive health record (CHR)

Credential stuffing


Deep learning

Digital health equity

Digital redlining

Digital therapeutics


Electronic health record (EHR) adoption

Health Information Exchange Organization

Information blocking

Intelligent technologies in the OR

Medical device vulnerabilities

Medication reconciliation


Net neutrality

Note bloat

Open Notes

Paid prioritization

Patient matching

Population health management

Protected Health Information (PHI)

Regional Health Information Organization

Remote patient monitoring

Unique Device Identification

Unstructured data



Algorithmovigilance refers to scientific methods and activities relating to the evaluation, monitoring, understanding and prevention of adverse effects of algorithms in health care. It is a term coined by physician Peter Embi, president and CEO of the Regenstrief Institute and associate dean for informatics and health services research at the Indiana University School of Medicine.

Artificial intelligence has the potential to help transform medical decision-making and treatment, but its algorithms must be thoroughly tested and continuously monitored to avoid unintended consequences or harms to patients, Embi has said. 

“Just as we would not think of deploying a new pharmaceutical or device into practice without first ensuring its efficacy and safety in the populations to which it will be applied, so too must we recognize the reality that algorithms have the potential for both great benefit and harm and, therefore, require further study,” he wrote in a recent commentary in JAMA Network Open

Algorithmic performance changes as it is deployed with different data, settings, and times, he wrote. How algorithms are used also involves human-computer interactions that add another level of variation and complexity that can change an algorithm’s performance or how its outputs are interpreted by different users. 

Given the rapidly accelerating pace of change and promise for care guided by adaptive and computable algorithms, the inherent and systemic inequities that exist in our health care system, and the potential for unintended harm, he wrote, “It is imperative that we continue to develop, test, and disseminate tools and capabilities that enable systematic surveillance and vigilance in the development and application of algorithms in health care.”

Application Programming Interface (API)

APIs are important in health IT because they allow programmers to access key data from other sources and integrate that data into their own applications. Think of an API as a conduit that allows program creators to “grab“ data sources.

A good example of consumer API use is a smartphone weather app, which takes data from other sources and organizes it so you know whether you'll need sunscreen or a snow shovel.

Allscripts was a pioneer in open APIs through its AllScripts Developer Program, which allows programmers to access the API, documentation, code samples and validation resources to integrate with Allscripts platforms. The thinking behind this approach is that open APIs result in a better, richer end-user experience.

APIs have the potential to improve interoperability and patient access to their own data. APIs can also help create more useful resources on patient care.

The National Cancer Institute announced in September 2016 that it had released the beta of an API to make the information on clinical trials ( available to third parties. The API will allow advocacy and patient groups, cancer centers and researchers to build apps and tools to help patients find potentially suitable clinical trials. You can read more about that announcement, made by Vice President Joe Biden in June, and initial uses of the API.

The Harvard Business Review published an optimistic overview on APIs, in “The Untapped Potential of APIs in Health Care." And Medium published a counterpoint argument about APIs.

The Office of the National Coordinator on Health IT (ONC) has an overview on APIs, especially in relation to electronic health records, in its Health IT Playbook. In 2015, the ONC included API criteria in its EHR certification requirements.

Fast Healthcare Interoperability Resources, FHIR (pronounced “fire“), is a standardized API being created by Health Level Seven, and expected for release in 2017. The ONC is supporting the development of FHIR-based API.

Augmented reality

Augmented reality (AR) is an interactive experience of an immersive, simulated real-world environment in which objects that reside in the real world are enhanced by computer-generated information to impact the senses of sight, hearing, touch, or smell. AR requires technology components such as a processor, display, and sensors. AR can be accessed using a smartphone, tablet computer, special headset or other technologies.

This differs slightly from virtual reality. In virtual reality, a user’s perception of reality is based completely on virtual information. But in augmented reality, a user is provided with additional computer-generated information to enhance their perception of reality.

Uses of AR in medicine include: smart glasses that allow surgeons to see high-resolution, 3D representations of their patients’ anatomy (akin to X-ray vision); enhanced viewing of a fetus inside a mother’s womb; and a near-infrared vein finder that films veins under the skin and projects the image onto the skin to help with blood draws or placement of intravenous catheters, etc.

Automatic speech recognition (ASR)

Automatic speech recognition (ASR) allows people to converse with computers using normal speech and be reasonably understood and receive a response. That response might be an answer to a question, a correct prompt or by transcribing the user's speech into readable text in real-time.

ASR is made possible through natural language processing (NLP) and is used every day in the form of Google's Siri and Amazon's Alexa, for example. ASR is also used in simpler formats called directed dialogue, the best example being automated phone trees for customer service needs of banking, airlines, health care and other sectors.  

ASR has a lot of potential in health care. It could be used for remote patient monitoring, for instance, or to conduct pre-appointment information gathering. Some companies are developing ASR in the hopes of reducing data entry tasks associated with electronic health records. Google researchers conducted a proof of concept study in which they developed two ASR methodologies for multi-speaker medical conversations (between physician and patient) and concluded they could help reduce documentation burden on providers. More on the study can be found in this MobiHealthNews story.

The Dartmouth Institute for Health Policy and Clinical Practice is doing similar research by refining audio and video recordings of physician-patient interactions to improve patient understanding what was discussed during the appointment. You can learn more about this research – which incorporates big data, machine learning and user-centered design -- at

ASR is still in its early stages. It is an interesting aspect of health IT to follow because of its many potential uses and applications to improve the experiences of providers and patients. It also has pitfalls if applications are rolled out too quickly and create more misunderstandings or additional work.

For more details on how ASR works, check out this helpful infographic and explainer.

Brain-computer interface (BCI)

A technology system that collects and interprets brain signals, and transmits them to a connected machine — such as a computer or robotic limb — that outputs the commands. BCIs can be directed at researching, augmenting or repairing human cognitive or sensory-motor functions.

There are several types of BCIs, ranging from noninvasive (such as using MRI or electroencephalogram) to invasive (such as when a microelectrode array is implanted in the brain to transmit signals wirelessly or through a transmitter worn at the top of head).

Researchers spoke at Health Journalism 2022 about BCI projects to restore communication, mobility and independence for people with neurologic disease, injury or limb loss. Examples are using BCIs to operate a prosthetic limb, move a computer cursor, type messages, or select music or videos via a computer. Brain-controlled robots that attach a laptop or computer monitor to a base on wheels could enable homebound individuals to virtually visit other locations.

Clinical decision support (CDS) system

A clinical decision support (CDS) system is a computer application that is used to analyze available data to help providers make clinical decisions, including diagnoses and treatment plans. The goal of CDS is to improve patient safety and quality and, therefore, outcomes.

CDS systems combine patient information with a medical knowledge database to offer decision support. Nurses, physicians and other providers typically use these systems.

There is not a one-size-fits-all approach to CDS systems. They can include order sets, drug interactions, care plans and protocols, critiques, alerts and other warnings, predictive analytics and relevant data summaries for patients.

While CDS can help bolster evidence-based practices, they are a work in progress and face challenges including fitting into provider workflows, addressing co-morbidities of patients and create recommendations that are tailored to individual patients and their circumstances.

Importantly, the Centers for Medicare and Medicaid services is proposing phasing out clinical decision support system requirements from its physician and hospital EHR incentive programs. (link to MACRA tipsheet)

HIMSS has a comprehensive resource on CDS, including liability and other relevant topics. 

Cloud platform

Many hospitals have health IT systems, including electronic health records (EHRs), that are “on premises," or “client server,“ meaning that the systems are maintained by the health system. But increasingly, health care is following other sectors of the economy into the cloud. For instance, in July 2019, Cerner announced a partnership with Amazon Web Services, the retail giant's cloud computing service, to power new innovations such as data analytics and predictive modeling.

A cloud platform provides an on-demand computer system environment for software applications that is administered by a vendor offsite. Ideally, this platform is unified to deliver seamless functionality and more streamlined and efficient processes and data management. A cloud platform means that users don’t need to switch between applications – and systems and passwords – for greater usability. It also means data from various functions can be more easily organized and integrated for analytical purposes.

In today's “cloud wars,“ industry giants Microsoft, Amazon, Oracle, IBM and Google are vying for customers to provide cloud data storage. Cerner's partnership with Amazon is just one aspect of this cloud expansion into healthcare that is taking on new importance.

To learn more about health care's move to the cloud, see our tip sheet.

Cognitive computing

Cognitive computing is the simulation of human thought process in a computerized model. Cognitive computing is used in artificial intelligence (AI) applications such as robotics and virtual reality. It essentially harnesses big data, cloud computing, pattern recognition and natural language processing to mimic how the human brain processes information.

IBM Watson is probably the most well-known example of cognitive computing (it famously won the game show “Jeopardy“ in 2011). Microsoft's Cognitive Services is another example of cognitive computing.

Cognitive computing in health care is expected to take off in the next few years. One example of its application to healthcare is IBM Watson for Oncology, which was created with Memorial Sloan Kettering Cancer Center in New York to help cancer specialists make more informed treatment decisions. IBM Watson for Oncology analyzes a patient's personal medical data against huge data troves and expertise to offer evidence-based treatment options to individual patients. 

Some see promise in cognitive computing as a way to solve entrenched problems in health care, from health disparities to physician burnout.

Comprehensive health record (CHR)

As the thinking and research around the social determinants of health evolves, some powerful people in health care think the terminology around electronic data should too.

Judy Faulkner, CEO of Epic Systems, which is the largest electronic health record (EHR) vendors, is advocating for retiring the term synonymous with her company. 

“The first is that there’s information that’s not in the EHRs now,“ Faulkner said in an article for Healthcare IT News.  “The second one is care that is not in the hospital but has to be part of the picture. We bring them in the Comprehensive Health Record, which should be the comprehensive health record – social and community care. And the last is traditional healthcare within the walls that has now moved out of the walls.” 

A CHR could include information about a patient's housing status, transportation access and food security, for instance. It could also bring in data gathered from wearable devices such as heart rate, exercise patterns and sleep.

Health systems, insurers and large employers are clamoring for better electronic tools to manage the health of populations, and to build on existing EHR systems to add space for the input, synthesis and interpretation of other types of data not gathered in traditional health care settings.

Apple's move to add a patient health record to the iPhone adds another consumer element to the discussion, as it provides a way for patients and providers to potentially share health information and collaborate on care plans.

A CHR makes sense. But with so many acronyms in health care already, there's a argument for sticking with EHR while incorporating added features to make the records truly comprehensive.

Credential stuffing

A growing cybersecurity threat where hackers find emails and passwords that have already been stolen and dumped online and try those credentials on another site. Nest, Chipotle, DoorDash, Dunkin Donuts and others have been recently in the news as examples of credential stuffing, as customers for those services may have been victims of this tactic. Credential stuffing has not been a big factor in the health care sector yet but could be with the rise of patient portals and other consumer-facing web services, like telehealth, being offered by physician groups, insurers and health systems.

Key things to know about credential stuffing:

  1. Accounts and passwords are typically gained from a prior massive corporate data breach.

  2. The tactic takes advantage of the fact that few people have a password manager, and they tend to reuse user names and passwords across sites, and leave them unchanged for months or years, even after a data breach.

  3. Hacked user names and passwords are typically bought and sold on the dark web (but are increasingly accessed via regular searches).

  4. Hackers rely on automation to test out stolen user names and passwords on various sites to conduct credential stuffing quickly.

  5. Once hackers gain access to the new user information, those accounts also go up for sale, or the personal information extracted from the site does.

  6. Strategies to stop credential stuffing include two-factor authentication, using a password manager and changing passwords frequently and not repeating them across sites.


A cyberattack is an attempt by hackers to gain illegal access to a computer or computer network for the purpose of causing damage or harm. Hospitals, health care systems, and others in the industry are increasingly concerned about the potential of cyberattacks due to the increase in employees working at home as well as an increased use of health care devices that are connected to hospital records systems.

There are several types of cyberattacks, according to Cisco. Malware is malicious software such as spyware, ransomware, viruses and worms. These look for vulnerabilities to breach networks, like if a user clicks on a dangerous link or email attachment that then installs risky software. Once installed, malware can block access to component of the network, render certain components inoperable, or secretly transmit data from the hard drive.

Phishing is the practice of sending fraudulent communications, usually through email, that appear to come from a legitimate source. The goal is to steal data like credit card or login information and install malware on a victim’s machine. Man-in-the-middle attacks are when attackers insert themselves into a two-party transaction to filter and steal data. For more information, see

Deep learning

A subset of Artificial Intelligence (AI) where computer networks are able to learn, unsupervised, from data that is unstructured. Deep learning happens when a computer system uses mathematic algorithms to analyze data independently to achieve results. These computer systems look for patterns in the data and learn to recognize these patterns to draw certain conclusions. Recent breakthroughs in deep learning have come only since 2015. Deep learning is currently being studied for practical health care applications, such as interpreting medical imaging scans to detect cancer. Also important are the ethical implications and potential downsides to using machines to conduct analysis traditionally done by humans. Deep learning is an exciting field right now, and holds enormous potential to alter health care diagnosis, treatment and workflows. A Health Journalism 2018 panel explored the implications of deep learning on health care.

Digital health equity

Using digital health tools to help make health care more accessible and affordable for everyone. With digital health equity, everyone, regardless of social, economic, demographic or geographic differences should have equal access to digital health resources and should achieve equal health outcomes through the use of these tools.

The term emerged from a renewed focus on health equity occurring during a time of rapid digital transformation of the health care system, which provides an opportunity to address many core health equity challenges, according to an October 2021 commentary in the Journal of the American Medical Association. Digital health tools to augment in-person care such as telehealth and remote care management, have the potential to address structural challenges for marginalized populations, authors wrote, including lowering access barriers of time and distance, and providing tailored communication through appropriate language and literacy.

Digital redlining

The practice of creating and perpetuating inequities between already marginalized groups, specifically through the use of digital technologies and content, and the internet. The Robert Wood Johnson Foundation defines this as “major network providers systematically excluding low-income neighborhoods from broadband service, deploying only sub-standard, low-speed home internet.” Privacy scholar Chris Gilliard, a professor at Macomb Community College in Michigan, defines this as “the creation and maintenance of tech practices, policies, pedagogies, and investment decisions that enforce class boundaries and discriminate against specific groups.”

The concept can be considered a modern extension of the practice of redlining in housing discrimination, in which red lines were drawn on maps to indicate poor, primarily underserved neighborhoods often due to race or ethnicity deemed unsuitable for loans or further development. The digital divide is seen as one impact of digital redlining.

Digital therapeutics

Digital therapeutics is an emerging and rapidly evolving sector of the digital health market that uses data analytics, machine learning and artificial intelligence to help patients with behavior change. Digital therapeutics is considered by some to be promising as a complement – or even replacement - to drug and medical device therapeutics in patient care. The idea is for machines to support physicians, nurses, care coordinators, health coaches and physical therapists to practice at the top of their licenses by conducting routine and remote monitoring and coordination of a patient's prescribed treatment. Some in Silicon Valley are betting that digital therapeutics can be just as or more effective than some medicines in treating common conditions. For instance, a digital therapeutic application could help a patient with insomnia develop better sleep habits and behavior modifications instead of relying on sleeping pills. In September 2017, Pear Therapeutics gained Food and Drug Administration approval for the marketing of its mobile application called Reset to help treat substance abuse disorder. Reset is one of the first FDA-approved digital therapeutic applications. Its approval was based on the results of a 12-week clinical trial of nearly 400 patients.


Electronic consultation, or econsult, is an online triage and consultation tool that facilitates the secure sharing of information between a primary care physician and a specialist to decide the course of treatment for a patient. Econsults have shown to reduce wait times for specialty care appointments. Econsults also improve communication among care teams and patient satisfaction. Notably, an econsult can eliminate the need for an in-person specialist referral in some cases. Econsult was originally developed at the University of California San Francisco. A number of econsult products are on the market, including by the companies eConsult and RubiconMD. The Blue Shield of California Foundation offers implementation grants for safety net hospitals to adopt econsult. You can read case studies on econsult implementation here.

Electronic health record (EHR) adoption

Adoption of electronic health records (EHRs) by hospitals, physician groups and sole practitioners has risen steadily in recent years. At least 75 percent of hospitals have now adopted at least a basic EHR, up from 59 percent in 2013, according to a Dec. 2015 report in Health Affairs. And 56 percent of all U.S. office-based physicians have demonstrated “meaningful use“ of certified EHRs at the end of 2015, according to the HHS.

The rapid adoption of EHRs is the result of the HITECH Act of 2009. The HITECH – Health Information Technology for Economic and Clinical Health – Act established a financial incentive program for providers to adopt, implement and upgrade certified EHR systems. Called the “meaningful use“ (MU) program, it started in 2011. Between May 2011 and March 2016, a total of $22.6 billion in payments have been made to providers. Medicaid providers have received another $10.5 billion in that same time period. As of October 2015, more than 479,000 health providers have received incentive payments through the program.

Meaningful use is in three stages: Stage 1 is the basic capture and sharing of data; Stage 2 is advanced clinical processes; and Stage 3 focuses on improved outcomes. Most participants had to attest to Stage 2 by 2015. Stage 3 attestation is in 2016.

Starting in 2015, hospitals participating in the Medicare portion of the EHR incentive program faced financial penalties for not meeting requirements.

While the rapid adoption of EHRs has been applauded, some issues persist. These include:

  • Financial costs: Providers have reported challenges related to both upfront and ongoing costs of EHRs (including upgrades).

  • Physician cooperation: Already very busy physicians have to input patient data into records, and some experts have been talking about this issue and how to ease this administrative burden.

  • Complexities of meeting meaningful use criteria: Having the IT personnel and funding to meet the criteria have been issues for some providers.

  • Digital divide between providers: In some studies, smaller and rural hospitals and practitioners were less likely to be able to meet meaningful use criteria.

  • Interoperability: The ability to exchange patient data between providers and with public health entities is an ongoing issue. A 2015 General Accounting Office report identified five barriers to interoperability.

Health Information Exchange Organization 

A Health Information Exchange Organization (HIEs or HIOs) is an entity that provides health information exchange services to participating stakeholders in one geographical region. These organizations are also known as RHIOs (pronounced “RIOs“ but that term is generally no longer used). HIEs/HIOs typically do the legwork in terms of meeting capability, security and privacy standards for secure exchange of health information among participants. Stakeholders often include providers, laboratories, payers and public health departments in the region. These organizations can be regional or statewide. They must comply with HIPAA and other privacy laws. And they often provide technical and advisory support services to participants as well.

HIEs/HIOs have had a mixed record of success. The well-documented demise of the Santa Barbara County Care Data Exchange and, later, CalRHIO provided some lessons to the structure and value proposition. HIOs are known to link up with other HIOs. For instance, at least eight HIOs in New York state have joined the Statewide Health Information Network for New York (SHIN-NY) to securely exchange records.

A list of HIEs/HIOs that have received federal funding can be found on the HIE tipsheet.

Information blocking

Information blocking happens when someone – a health provider or IT vendor, for instance – willingly or knowingly interferes or “blocks" the exchange and use of electronic health information. The reasons for information blocking are typically profit-driven, according to one study, such a desire to maximize short-term revenue or to control patient flow to a local competitor.

According to the Office of the National Coordinator for Health IT (ONC), some examples of information blocking are: fees that make data exchange cost-prohibitive; contracts that prevent information-sharing with patients or providers; technology designed to inhibit information-sharing; and technology that locks users (providers or patients) into systems that are not portable (or so-called "walled gardens").

The federal government and Congress believe information blocking is a problem and are taking steps to address it.

The exchange and use of health information electronically among trusted entities is a right protected under the Health Insurance Portability and Accountability Act (HIPAA). The 21st Century Cures Act of 2016 directs the Department of Health and Human Services to reduce the burden of electronic health information sharing among trusted entities. As part of the effort to fulfill this mandate, the ONC is expected to release a much-anticipated proposed rule on information blocking in fall 2018.

Intelligent technologies in the OR

Improving the accuracy and efficiency of surgical procedures is a top priority for hospitals. ORs account for about 60% of total hospital revenue. As more care moves to the outpatient or even home setting, surgery is taking on a larger focus for inpatient services. AI and VR (virtual reality) advancements could drive greater precision in surgical care while reducing costs.

Between 35% to 45% of hospitals in the US and EU will use intelligent technologies in surgical care by 2022, according to a July 2019 report by Frost & Sullivan, a consulting and research firm.

Intelligent technologies for surgical care are already being tested and rolled out. Microsoft's HoloLens 2 holographic computing platform, for example, is an augmented reality headset for a variety of uses. Microsoft is partnering with Phillips to use the HoloLens 2 for image-guided minimally invasive surgeries.

And in May 2019, the FDA approved an augmented reality platform by Medivis for surgical use. The SurgicalAR platform is a visualization tool that guides surgical navigation, potentially reducing complications that arise during surgical procedures.

As intelligent technologies gain regulatory approval and become integrated into OR workflows, patients and providers should continually assess their benefits.

Medical device vulnerabilities

Medical devices – supplies, instruments and tools that play a role in the diagnosis and treatment of medical conditions – are increasingly connected to one another. This connectivity leaves medical devices vulnerable to cybersecurity threats including hacking. Any vulnerability of medical devices has the potential to cause patient harm. Therefore, medical device security has become an important topic in government and health care circles.

Infusion pumps, imaging computer systems and patient monitors are some examples of in-patient connected medical devices that could be vulnerable to cyber threats. Medical device security is also a concern in the outpatient setting as more patients leave the hospital with home monitoring systems, and implantable medical devices. Famously, physicians disabled the wireless functionality of former Vice President Dick Cheney's pacemaker to prevent a possible remote assassination attempt.

A number of publications, recommendations and plans have been issued in the past few years to address the threat to medical device security. In April 2018, the Food and Drug Administration released its Medical Device Safety Action Plan, which gives an overview of the types of medical devices, ways to oversee their security and the FDA's role in approving devices for medical use. The Health Care Industry Cybersecurity Task Force report, released in June 2017, has risks and recommendations for medical device security. Medical device security was the topic of a panel discussion at Health Journalism 2018.

Medication reconciliation

Medication reconciliation, or med rec, as it is commonly referred to by clinicians, is not a health IT topic per se, but technology is increasingly being used to improve the medication reconciliation process.

Medication reconciliation is the process of eliminating discrepancies in patient pharmacy data and electronic medical records. These discrepancies typically arise during transitions of care. So when a patient is discharged from the hospital with new medications, older drugs may not be taken off a patient's list of prescribed medications. Similarly, inpatient clinicians might not be able to access pre-admission medication lists.

More than half of all patients had at least one medication discrepancy at time of hospital admission, according to one study.

Medication discrepancies can result in incorrectly documented dosages, duplication of medications prescribed or omitted medications in the patient's electronic medical record. A lack of medication reconciliation can result in drug interactions or failure to take medications as prescribed, which can cause preventable readmissions.

Many hospitals are working to improve care transitions between the hospital and outpatient care environments. Medication reconciliation is an important aspect of care transition improvement efforts. The med rec team typically includes pharmacists and nurses, who review medication lists with patients either at the bedside prior to discharge from the hospital or over the phone after the patient goes home.

Technology is playing an increasingly important role in medication reconciliation. Integrating EHRs with outpatient pharmacy records is one example. And computerized provider order entry (CPOE) is improving accuracy of medication orders. However, researchers note that fully implemented EHRs in hospitals and outpatient centers have not eliminated the problem of errors in patients' medication lists.

The Agency for Healthcare Research and Quality has more on this topic


The metaverse is a shared virtual environment that people can access through the Internet. It combines aspects of social media, online gaming, augmented and virtual reality, cryptocurrencies and more to allow users to interact virtually but feel more engaged than a typical video meeting. People would be able to try on clothing from stores, for example, or attend concerts with friends in the metaverse just as in person.

Awareness of the term surged in the fall of 2021, when Facebook rebranded itself as “Meta” and founder/CEO Mark Zuckerberg said he believed the metaverse is the next chapter for the Internet, according to Merriam-Webster.

While still in its infancy, the metaverse has several potential applications in health care. This includes items like simulation training, where medical trainees could get an up-close view of a surgeon’s procedure, enhanced with tactile controls that would give them a sense of touch, or interactive training modules where learners could go within the human body to study a patient’s medical problem. An article by the Acceleration Economy Network has more information.

Note bloat

Patient progress notes have become long and overwrought due to cut-and-paste functions and expandable templates in EHRs, leading to “note bloat." The effort needed to read and sift through long progress notes in the EHR has been cited as a cause of stress and burnout among clinicians in multiple studies.

Some organizations are attempting to reduce “note bloat." The AMIA, in a letter to federal health regulators in Jan. 2019, recommended decoupling clinical documentation from billing to reduce IT-related clinician burdens.

Net Neutrality

Net neutrality protects equal treatment of all data that travels over networks fairly, with no discrimination, no fast or slow lanes and no blocking of any legal material. These networks over which information travels are controlled by Internet service providers (ISPs), that include large corporations such as Comcast, AT&T and Verizon.

Net neutrality is considered vital to protect an open Internet. It has faced many threats over the years. In the latest, the Federal Communications Commission has signaled an interest in rolling back Obama-era rules put in place in 2015 that cemented net neutrality in federal regulations. The FCC could also simply stop enforcing these regulations.

Any weakening of net neutrality has implications for health care and for journalists. As health care becomes more connected, an open and neutral internet ensures that there's no surcharges or slow lanes for telehealth, home monitoring devices or even inpatient connected devices.

For journalists, net neutrality ensures that all Internet users have access to all content equally, whether they come from tiny blogs or from media or industry giants.

Open notes

Ever wonder what your physician is scribbling or typing during or after your medical visit? One group is helping patients find out. The OpenNotes initiative is working to give patients access to their physician's notes in electronic format. OpenNotes started in 2010 as a year-long pilot program with over 100 primary care physicians and more than 13,500 patients at three health centers. Providers invited patients to read their medical visit notes through a secure online patient portal. Findings of that demonstration indicated that patient access to provider notes improves communication, patient safety and engagement and strengthens the doctor-patient relationship. In 2015, OpenNotes received $10 million from four foundations to grow the number of patients with access to clinician notes from five million to 50 million. In 2017, more than 15 million patients in 37 states had online access to their physician notes.

Paid prioritization

Paid prioritization means that a content provider or other entity on the Internet enters into an agreement with a broadband provider to pay a fee so that their Website loads faster than others. This is also known as paid “fast lanes." Paid prioritization was banned under 2015 rules adopted by the Federal Communications Commission during the Obama administration. But the FCC overturned those rules in a 3-2 vote along party lines on Dec. 14, 2017. Broadband giant Comcast has promised to not engage in paid prioritization but that could change over time. With the new rules, there is nothing to stop Comcast or other Internet service providers from prioritizing certain content (including their own) over others. At the hearing ending net neutrality in December 2017, FCC Commissioner Michael O'Rielly disputed that paid prioritization is a bad thing. “I, for one, see the benefit of paid prioritization of telemedicine or driverless cars over, say, cat videos,“ he said.

But many legal experts say that paid prioritization would lead to inequity in terms of access to content and services online, and could stifle free speech and free press.

Patient matching

In patient matching, the right data is matched with the right patient at the right time, in a secure and private structure.

The push for better patient matching originated from the idea that accurate patient identification can reduce the risk of medical errors and improve care quality and safety. Patient matching can also reduce inefficiencies in care, such as unnecessary tests.

If you think about the sheer number of John Smiths or Sarah Browns or David Lees in existence, name matching for correct medical information is both important and challenging.

In 2014, a report by the Office of the National Coordinator for Health Information Technology (ONC) found that about seven out of 100 patient records are mismatched. Patient matching error rates rise as patient information is shared with other health entities, such as between a hospital and a nursing home.

Multiple efforts are underway to improve name matching. The CHIME National Patient ID Challenge is a $1 million competition to accelerate innovation in name matching. The challenge launched in January 2016 and closes in spring 2017. The Sequoia Project put forth a framework for name matching in 2015. And the ONC has a patient identification SAFER guide of recommended practices. 

Population health management

Population health management is the aggregation of patient data across multiple health IT resources, analyzing that data, and using those data to improve outcomes and better track the health of communities and specific populations. Population health management is already mainstream, largely because of the implementation of EHRs in recent years and using those EHRs to create actionable databases and disease registries, which group patients by disease states including diabetes, hypertension, HIV/AIDS and depression.

Providers often target patients in disease registries for more supportive interventions. Population health management can also help providers identify high-risk and frequent users of hospital resources, like emergency departments. And population health management can track rates and test interventions for community public health concerns including annual flu vaccines and tobacco cessation. The federal government is encouraging population health management through its Shared Savings Program, state Medicaid waivers and the Medicare Advantage program. For instance, public hospitals in states that have received a Medicaid waiver often have financial incentives to implement population health management capabilities.

Population health management holds the potential to reduce health care costs by moving interventions “upstream“ to reach patients in more individualized ways before they end up seeking care in more acute (and costly) settings. Population health management operates in concert with patient-centered medical homes, where primary care providers use a team-based approach to improve care coordination, patient engagement and quality and safety.

Protected Health Information (PHI)

This term, first mentioned in the Health Insurance Portability and Accountability Act (HIPAA) in 1996, refers to any identifiable information about a person that appears in medical records or conversations among health care staff regarding a patient’s treatment. It may also include billing information or any other information that could be used to identify someone in a company’s health insurance records.

Examples of PHI include patients’ names, birth dates, addresses, Social Security numbers, phone numbers, email addresses, medical record numbers, medical treatment information and billing information. HIPAA’s role is to ensure this information is kept private. “Covered entities” such as doctors’ and dentists’ offices and clinics, psychologists, nursing homes, pharmacies and hospitals or home health agencies, and even health plans, must be in compliance with HIPAA.

Under HIPAA rules, health care organizations are required to secure patient information that is stored or transferred either on paper records or digitally, to help protect PHI from data breaches or hackers.

Regional Health Information Organization

A Regional Health Information Organization (RHIO) (pronounced “Rio“) is an entity that provides health information exchange services to participating stakeholders in a geographical region. RHIOs typically do the legwork in terms of meeting capability, security and privacy standards for secure exchange of health information among participants. Stakeholders often include providers, laboratories, payers and public health departments in the region. RHIOs must comply with HIPAA and other privacy laws. RHIOs often provide technical and advisory support services to participants as well.

RHIOs have had a mixed record of success. The well-documented demise of the Santa Barbara County Care Data Exchange and, later, CalRHIO provided some lessons to the structure and value proposition of RHIOs. RHIOs are known to link up with other RHIOs. For instance, at least eight RHIOs in New York state have joined the Statewide Health Information Network for New York (SHIN-NY) to securely exchange records. 

Remote patient monitoring

Remote patient monitoring is the use of technology to monitor the health of patients outside of conventional clinical settings. This type of monitoring most often happens at home, but can also be used in long-term care facilities, for instance.

Monitoring programs collect data on select patients and then transmit that data to care providers in another location for assessment, recommendations and response. Collected data might be vital signs, weight, blood pressure, blood sugar, heart rate or electrocardiograms. Remote patient monitoring is gaining traction as the technology to track patients improves and as hospitals and other providers dedicate nurses and other clinicians to conduct the monitoring. The idea is that remote patient monitoring can keep people in their homes, reduce ER visits and avoidable readmissions and improve patient satisfaction and outcomes.

Medicare penalizes hospitals for excessive 30-day readmissions. Patients typically receive devices and software programs that aim to be easy to use to monitor their health at home. These systems are typically integrated with patient EHRs and are combined with high-touch care such as frequent phone calls from nurses or health coaches, and possibly home health visits. Remote patient monitoring is a form of telehealth.

Some roadblocks to remote patient monitoring include: payment, especially since most of this care is not currently reimbursable in a fee-for-service environment; staffing needs, such as making sure that staffing is adequate to capture and respond to incoming data from at-home patients; fitting into workflow, specifically making sure incoming data is actionable and works with physician time; and legal gray areas and liability around caring for patients in non-traditional settings.

Unique Device Identification (UDI) 

What is a UDI?

Is it easier to track a jar of peanut butter than a medical device? Some say yes, and so a large-scale effort is underway to make it easier to identify medical devices in their distribution and use.

Once in place, this tracking system will not only allow for government regulators, device makers, hospitals and surgery centers to better monitor devices, it could also allow for deeper research into the comparative effectiveness of devices.

The basis of this system is a UDI – a unique numeric and alphanumeric code that is made up of two parts: 1) a device identifier that includes the labeler (e.g. manufacturer) and version or model of the device; and 2) an identifier that shows the serial number, expiration date, manufactured date, batch number or other unique codes specific to the item.

UDI monitoring system getting underway

In 2013, the Food and Drug Administration issued a final rule establishing the UDI system that is now being rolled out in phases. UDIs must appear in plain text and also in a digital form called automatic identification and data capture (AIDC) so it can be entered into an electronic medical record or other computer system in an automated (opposed to paper-based) process.

An important aspect of this UDI system is the FDA-administered Global Unique Device Identification Database (GUDID), where information about each device will be housed. This information is available to the public at Access GUDID.  Users of this database can search on specific devices and also download information on every device entered into the database. The FDA says it updates the database daily.

Timeline for implementation

The UDI system is going into effect in stages over seven years but it has delayed some initial deadlines. Medical devices that are implantable and life-saving have taken priority. But many other devices of lower classes will also need UDIs, like wheelchairs, pregnancy tests and other durable medical goods. The FDA has a chart on deadlines. It should be noted that many device manufactures have said they are not prepared to meet these deadlines. One survey in August 2016 indicated that only 15% of device manufacturers were prepared to meet an upcoming deadline. 

Unstructured data

To understand what unstructured data is, let's first clarify what structured data is: information that can be sorted into tables and rows and that is readily available, such as billing and diagnosis data. An example of structured data is the fields that clinicians fill in to a patient's electronic health record (EHR).

By contrast, unstructured data is information that is not easily organized and often in disperse locations. An example of unstructured data is physician notes in the EHR.

Figuring out how to organize and analyze unstructured data is one puzzle many companies are attempting to solve in health care today.

It's an important puzzle because of the sheer volume of unstructured data – collected via wearables, remote monitoring systems, social media, scales, sensors, patient reports and images such as X-rays. Linking unstructured data to structured data could provide a more complete picture of the health of an individual or a population. For instance, let's say a hospital system is attempting to find out which of its patients are smokers to target them for smoking cessation interventions. That information, “smoker,“ might be documented only as a note written by the physician in the EHR – as unstructured data. Extracting "smoker" from the note might not be easy. Sometimes it requires a manual chart review. The ability to take relevant information from a variety of sources and then merge those sources into a central place for analysis could help improve care and provide better public health overall. 


The design of a product and the way humans interact with that product is known as usability. Usability is important in the functionality of computer programs, and their integration into a person's daily life or workflow. The usability of electronic health records has come under scrutiny because poor design of EHRs and problems accessing and/or documenting information can lead to patient harm, according to recent studies.